inWebo launches a new offering for IoT Security

San Francisco and Paris, December 18th, 2017 – inWebo Technologies expands its security portfolio for IoT security by launching a new offering called inWebo Local Authorization.

Service providers in verticals such as Connected Cars, mobility services, Smart Cities, Connected Home, Connected Health, etc., can now benefit from inWebo exhaustive framework for secure access control, both to cloud-based IoT services and to local IoT resources.

« In a first wave of IoT services, service providers have requested access control solutions to protect their cloud-based services. inWebo has met these requests by successfully adapting and implementing its multi-factor authentication solution in connected-car services for instance », said Didier Perrot, CEO at inWebo Technologies. « In a second wave, service providers need new solutions for secure access control to local resources such as vehicles, locks, meters, ticketing systems etc., that are not constantly connected to a central authorization platform via the Internet. These ‘offline’ use cases are becoming mainstream in the IoT and demand a new security approach to protect the IoT resources and businesses, while being extremely easy and intuitive to use. This is what inWebo Local Authorization now enables. We’re now willing to partner with more service providers to make the IoT a secure place. ».

Developing a framework for secure local access control has required a significant R&D effort and has led to a patent application. inWebo Local Authorization (IWLA) is an alternative or a complement to connectivity solutions, such as 3G or low-bandwidth mobile connectivity.

IWLA allows a resource such as a lock or a driverless vehicle to take a local authorization decision to give access to a user based on the verification of a virtual key that includes non-spoofable claims and rights about the resource. A virtual key is carried in a smartphone App for instance. The verification happens instantly without the need for the resource or the smartphone to connect to a central server. The verification doesn’t expose the key itself, thus preventing a wide range of attacks.

inWebo provides an API to issue and manage smart locks and virtual keys, based on an infrastructure that makes extensive use of FIPS-certified hardware security equipment. IWLA is therefore both extremely secure and extremely easy to implement by service providers.